﻿

namespace ZXW.DotNet.Common.NetSnmp
{
	/// <summary>
	/// Authentication digest interface. Interface defines authentication methods
	/// for incoming and outgoing requests.
	/// </summary>
	public interface IAuthenticationDigest
	{
		/// <summary>
		/// Authentication outgoing message
		/// </summary>
		/// <param name="userPassword">Authentication secret</param>
		/// <param name="engineId">SNMP version 3 agent engine id</param>
		/// <param name="wholeMessage">Message to authenticate</param>
		/// <returns>Authentication parameters</returns>
		byte[] authenticate(byte[] userPassword, byte[] engineId, byte[] wholeMessage);

		/// <summary>
		/// Authentication outgoing message
		/// </summary>
		/// <param name="authKey">Authentication key</param>
		/// <param name="wholeMessage">Message to authenticate</param>
		/// <returns>Authentication parameters</returns>
		byte[] authenticate(byte[] authKey, byte[] wholeMessage);

		/// <summary>
		/// Returns the size of the native algorithm. This value does not represent the size of the digest
		/// that is stored inside the USM authentication parameters header but real length generated by it.
		/// </summary>
		int DigestLength
		{
			get;
		}

		/// <summary>
		/// Authenticate incoming messages
		/// </summary>
		/// <param name="authentiationSecret">Authentication user secret (password)</param>
		/// <param name="engineId">SNMP agent authoritative engine id</param>
		/// <param name="authenticationParameters">Authentication parameters from the incoming packet</param>
		/// <param name="wholeMessage">Entire message with authentication parameters field zeroed out</param>
		/// <returns>True if packet is authenticated, otherwise false.</returns>
		bool authenticateIncomingMsg(byte[] authentiationSecret, byte[] engineId, byte[] authenticationParameters, MutableByte wholeMessage);

		/// <summary>
		/// Authenticate incoming messages
		/// </summary>
		/// <param name="authKey">Authentication key</param>
		/// <param name="authenticationParameters">Authentication parameters from the incoming packet</param>
		/// <param name="wholeMessage">Entire message with authentication parameters field zeroed out</param>
		/// <returns>True if packet is authenticated, otherwise false.</returns>
		bool authenticateIncomingMsg(byte[] authKey, byte[] authenticationParameters, MutableByte wholeMessage);

		/// <summary>
		/// Convert password to a key
		/// </summary>
		/// <param name="passwordString">Authentication key</param>
		/// <param name="engineID">Authoritative engine id</param>
		/// <returns>Key value</returns>
		byte[] PasswordToKey(byte[] passwordString, byte[] engineID);

		/// <summary>
		/// Compute hash using authentication protocol.
		/// </summary>
		/// <param name="data">Data to hash</param>
		/// <param name="offset">Compute hash from the source buffer offset</param>
		/// <param name="count">Compute hash for source data length</param>
		/// <returns>Hash value</returns>
		byte[] ComputeHash(byte[] data, int offset, int count);

		/// <summary>
		/// Return authentication protocol name.
		/// </summary>
		string Name
		{
			get;
		}
	}
}
